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Amendments to the Claims : 

1 . (Currently Amended) A method for dynamically creating a tunnel in a 
communications network to provide subscribers host access to a network service, comprising: 

storing a subscriber profile in a network database, wherein the subscriber profile 
includes subscriber-specific network service tunneling requirements; 

receiving at a network device a first subscriber data packet associated with a first 
network service; 

accessing the subscriber profile to determine if the first network service has a 
subscriber-specific tunneling requirement; and 

creating a first tunnel if a determination is made that the subscriber profile 
requires a first network service tunnel, wherein the first tunnel has a first end point at the 
network device and a second end point at the first network service; 

receiving at the network device a second subscriber data packet associated with a 
second network service; 

accessing the subscriber profile to determine if the second network service has a 
subscriber-specific tunneling requirement: and 

creating a second tunnel if a determination is made that the subscriber profile 
requi r es a second network service tunneU wherein the second tunnel has a first end point at the 
network device and a second end point at the second network service . 

2. (Original) The method of Claim 1 , wherein storing a subscriber profile 
comprises storing at least one parameter chosen from the group consisting of the network access 
identi fier, a user/subscriber name and a user/subscriber password- 

3. (Original) The method of Claim 1, further comprising determining if a first 
tunnel between the network device and the first network service pre-exists prior to creating the 
tunnel between the network device and the first network service. 
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4. (Original) The method of Claim 1, wherein more than one subscriber 
accessing the communication network through the network device can simultaneously transmit 
data packets to the first network service via the first tunnel, 

5. (Canceled) 

6. (Currently Amended) The method of Claim [[5]) L, further comprising 
determining if a second tunnel between the network device and the second network service pre- 
exists prior to creating the tunnel between the network device and the second network service. 

7. (Currently Amended) The method of Claim [[5]] I, wherein the second 
tunnel is functional simultaneous with the functioning of the first tunneL 

8. (Currently Amended) The method of Claim [[5]] wherein the more than 
one subscriber accessing the communication network through the network device can 
simultaneously transmit data packets to the first network service via the first tunnel and the 
second network service via the second tunnel. 

9. (Currently Amended) A system for dynamically creating a tunnel in a 
communications network to provide a subscriber host access to a destination network, 
comprising: 

a storage device that stores a subscriber profile, wherein the subscriber profile 
includes subscriber-specific network service tunneling requirements; 

means for receiving at a network device a first data packet associated with a first 
network service; 

means for accessing the subscriber profile to determine if the first network service 
has a subscriber-specific tunneling requirement; and 

means for creating a first tunnel if a determination is made that the subscriber 
profi le requires a first network service tunnel, wherein the first tunnel has a first end point at the 
network device and a second end point at the first network service; 
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means for receiving at the network device a second data packet associated with a 
second network service: 

means for accessing the subscriber profile to determine if the second network 
service has a subscriber-specific tunneling requirement; and 

means for creating a second tunnel if a determination is made that the subscriber 
profile requires a second network service tunnel, wherein the second tunnel has a first end point 
at the network device and a second end point at the second network service . 

1 0. (Original) The system of Claim 9, further comprising a means for 
determining if a first tunnel between the network device and the first network service pre-exists 
prior to creating the tunnel between the network device and the first network service. 

1L (Cancelled) 

12. (Currently Amended) A network device that dynamically creates a tunnel 

in a communications network to provide a subscriber host access to a destination network, 
comprising: 

a processor that receives from a subscriber a data packet associated with a 
network service; 

a database accessed by the processor that stores a subscriber profile that defines 
the tunnel requirements for the network service; aad 

a tunnel management module implemented by the processor that communicates 
with the database to determine if the subscriber requires a tunnel for access to the network 
service and, if a determination is made that the tunnel is required, the tunnel management 
module creates a tunnel access session between the network device and the network service^ 

wherein the tunnel management module is capable of creating more than one 
tunnel access session for simultaneous subscriber access to more than one network service . 
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1 3 . (Original) The network device of Claim 12, further comprising a session 
management module implemented by the processor that communicates with the database to 
manage the tunnel access session provided by the network device, 

14. (Original) The network device of Claim 12, wherein the tunnel management 
module determines if a tunnel between the network device and the network service pre-exists 
prior to creating the tunnel between the network device and the network service. 

15. (Cancelled) 

16. (Original) The network device of Claim 12 5 wherein the tunnel management 
modi Je is capable of providing simultaneous access to the tunnel access session to more than one 
subscriber accessing the communication network through the network device. 

1 7. (Original) The network device of Claim 1 6, further comprising a session 
management module implemented by the processor that communicates with the database to 
manage the simultaneous tunnel access session provided to more than one subscriber accessing 
the communication network through the network device. 

18. (Original) The network device of Claim 1 6, wherein the subscriber profile 
defines tunneling requirements for the more than one network services that the subscriber has 
been authorized to access. 

1 9. (Original) The network device of Claim 1 8, wherein the tunneling 
requirements are predefined by the subscriber. 

20. (Original) The network device of Claim 1 8, wherein the tunneling 
requirements are predefined by the network device administrator. 
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